WO2017032192A1 - Encryption state detection method and system - Google Patents

Encryption state detection method and system Download PDF

Info

Publication number
WO2017032192A1
WO2017032192A1 PCT/CN2016/090715 CN2016090715W WO2017032192A1 WO 2017032192 A1 WO2017032192 A1 WO 2017032192A1 CN 2016090715 W CN2016090715 W CN 2016090715W WO 2017032192 A1 WO2017032192 A1 WO 2017032192A1
Authority
WO
WIPO (PCT)
Prior art keywords
encryption key
server
client
display
encryption
Prior art date
Application number
PCT/CN2016/090715
Other languages
French (fr)
Chinese (zh)
Inventor
李彬
林强生
张龙华
向建中
薄景仁
Original Assignee
广州视睿电子科技有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 广州视睿电子科技有限公司 filed Critical 广州视睿电子科技有限公司
Publication of WO2017032192A1 publication Critical patent/WO2017032192A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks

Definitions

  • the present invention relates to the field of network information security technologies, and in particular, to an encryption state detection method and system.
  • Traditional web encryption is limited to a single software encryption method.
  • the encryption method mainly protects information such as passwords.
  • the content in the WEB background is easily attacked and crawled by crawlers, malware, search engines, etc., resulting in insecure information.
  • An encryption state detection method includes the following steps:
  • the server detects whether there is an access unlocking hardware device, and obtains a detection result
  • the judgment result is pushed by the client.
  • An encryption state detection system includes:
  • the login module is configured to display the login webpage interface through the client, receive the encryption key, and send the encryption key to the server;
  • a detecting module configured to detect, by the server, whether an unlocking hardware device is accessed, and obtain a detection result
  • a determining module configured to determine, by the server, whether the encryption key has display permission according to the detection result, and generate a determination result and send the result to the client;
  • a pushing module configured to push the determination result by the client.
  • the above-mentioned encryption state detecting method and system through the client displaying the login webpage interface, receiving the encryption key and transmitting it to the server; and detecting whether there is access to the unlocking hardware device through the server, the detection result is obtained.
  • the server determines whether the encryption key has display permission according to the detection result, and generates a judgment result to be sent to the client; and the judgment result is pushed by the client.
  • the software combines hardware to determine whether the encryption key has display permission, and pushes the judgment result to inform the user whether there is restricted access, restricts the login personnel, avoids leakage of access content, and improves encryption security.
  • 1 is a flowchart of an encryption state detecting method in an embodiment
  • FIG. 2 is a flowchart of a method for detecting an encryption state in another embodiment
  • FIG. 3 is a structural diagram of an encryption state detecting system in an embodiment
  • FIG. 4 is a structural diagram of an encryption state detecting system in another embodiment.
  • An encryption state detection method which can be applied to web content access, or content access of other applications. As shown in FIG. 1, the encryption state detection method includes the following steps:
  • Step S140 The login webpage interface is displayed by the client, and the encryption key is received and sent to the server.
  • the client may be a terminal device such as a desktop computer or a notebook computer, and the server may be a background server or the like.
  • the client displays the login webpage interface.
  • the user can enter the encryption key in the dialog box of the login webpage interface.
  • the client receives the encryption key and sends it to the server. Further, when the user inputs the encryption key, the client may also query the WAN server for the corresponding restriction information, and automatically send the restriction information to the server in the background.
  • Step S150 The server detects whether there is an access unlocking hardware device, and obtains a detection result.
  • the user logs into the web page of a background server and can use the corresponding unlock hardware device.
  • the detection result includes two types: the server accesses the unlocked hardware device, or the server does not access the unlocked hardware device. If the server has the corresponding unlock hardware device, the restriction information can be unlocked; otherwise, the user cannot perform the limited operation.
  • Step S160 The server determines whether the encryption key has display authority according to the detection result, and generates a determination result and sends the result to the client.
  • the software combines the hardware to determine the authority of the encryption key to obtain a judgment result.
  • the server determines whether the encryption key has display authority according to the detection result, and specifically includes steps 162 to 168.
  • Step 162 If the server has an access unlocking hardware device, obtain unlock data pre-stored by the unlocking hardware device. If an unlocked hardware device is detected, the unlock data stored therein is extracted.
  • Step 164 Determine whether the encryption key has display authority according to the unlocking data, and obtain a determination result.
  • the unlocking data may specifically include the number of users and the number of management terminals, etc.
  • the number of users is used to limit the number of user logins
  • the number of management terminals is used to limit the number of clients that log in to the same user.
  • the restriction information obtained by the query may be sent to the server at the same time, and the server compares the unlock data with the restriction information, and determines the authority of the encryption key based on the unlock data. For example, if the number of user logins in the unlocked hardware device is 1, only one user can log in. The server backend records how many logins are in the same account. If the same user logs in again, it will be kicked off the line, that is, it does not have display permission.
  • the number of management terminals is similar. Not only that, but the unlocking hardware device can also store other data to make more restrictions.
  • step 164 may include the step of detecting whether the number of logins of the encryption key is greater than the number of permissions defined by the unlock data. If yes, the encryption key does not have display permission; if not, the encryption key has display permission, and the judgment result is obtained. By comparing the number of logins of the encryption key and the number of permissions defined by the unlocking data, it is determined whether the login encryption key has display permission, and the judgment result is obtained.
  • Step 166 If the server does not access the unlocking hardware device, obtain the restriction information corresponding to the encryption key. If the server does not access the unlocking hardware device, obtain the restriction information corresponding to the initial encryption key.
  • Step 168 Determine whether the encryption key has display authority according to the restriction information, and obtain a determination result.
  • the restriction information may also include the number of users and the number of management terminals.
  • Step 168 is the same
  • the method may include the following steps: detecting whether the number of logins of the encryption key is greater than the number of permissions defined by the restriction information; if yes, the encryption key does not have the display permission; if not, the encryption key has the display permission, and the determination result is obtained. By comparing the number of logins of the encryption key with the number of permissions defined by the restriction information, it is determined whether the login encryption key has display permission, and the judgment result is obtained.
  • the unlocking data and the restriction information are respectively used to determine whether the encryption key has display permission. Since the unique hardware identification information of the client stored in the WAN is matched with the encryption key.
  • the server backend can query the information in the WAN server to know the number of users who have logged in the encryption key and the number of management terminals, and can realize the access restriction on the logged-in person.
  • Step S170 Push the judgment result by the client.
  • the push judgment result may specifically display relevant information through the customer page, such as displaying information such as “having page display permission” or “not having page display permission”; or may notify the user by voice broadcast or other means. critical result.
  • the above-mentioned encryption state detecting method determines whether the encryption key has display authority through software and hardware, and pushes the judgment result to inform the user whether there is restricted access, restricts the login personnel, avoids leakage of access content, and improves encryption security.
  • the encryption state detecting method further includes the following steps:
  • the server authenticates the encryption key according to the preset key list, and obtains the authentication result.
  • the server determines whether the encryption key has the display authority according to the detection result.
  • the server determines whether the encryption key has display authority according to the detection result and the authentication result.
  • the encryption key is also authenticated to confirm the validity of the encryption key.
  • the encryption state detecting method before step S140, further includes steps S110 to S130.
  • Step S110 Display the registration page through the client, and receive the username information. Specifically, when the user starts the client for the first time, the registration process is automatically invoked through the service process, and the registered name input by the user is used as the user name information.
  • Step S120 The hardware identification information is read by the client, and the username information and the hardware identification information are sent to the server.
  • the hardware identification information of the client is also read by the service process, and the user name information and the hardware identification information are sent to the server.
  • the hardware identification information of the client may be sent to the WAN server for storage to be called again.
  • Step S130 matching the username information and the hardware identifier information by the server, and storing the username information as an encryption key.
  • the server matches the username information and the hardware identification information. If the matching is successful, the user is successfully registered and can be used for logging in elsewhere, and the username is stored as an encryption key.
  • Steps S110 to S130 provide a user registration function to facilitate management of the login personnel.
  • the encryption state detecting method further includes the following steps:
  • the client displays the access content after receiving the display instruction.
  • the user can input a display instruction through the client, and control the client to display the access content for the user to view, thereby improving the convenience of operation.
  • the invention also provides an encryption state detection system, which can be applied to web content access, or content access of other applications.
  • the encryption state detection system includes a login module 140, a detection module 150, a determination module 160, and a push module 170.
  • the login module 140 is configured to display the login webpage interface through the client, receive the encryption key, and send the encryption key to the server.
  • the client may be a terminal device such as a desktop computer or a notebook computer, and the server may be a background server or the like.
  • the client displays the login webpage interface.
  • the user can enter the encryption key in the dialog box of the login webpage interface.
  • the client receives the encryption key and sends it to the server. Further, when the user inputs the encryption key, the client may also query the WAN server for the corresponding restriction information, and automatically send the restriction information to the server in the background.
  • the detecting module 150 is configured to detect, by the server, whether there is an access unlocking hardware device, and obtain a detection result.
  • the user logs into the web page of a background server and can use the corresponding unlock hardware device.
  • the detection result includes two types: the server accesses the unlocked hardware device, or the server does not access the unlocked hardware device. If the server has the corresponding unlock hardware device, the restriction information can be unlocked; otherwise, the user cannot perform the limited operation.
  • the determining module 160 is configured to determine, by the server according to the detection result, whether the encryption key has display permission, and generate a determination result and send the result to the client.
  • the software determines the permission of the encryption key in combination with the hardware. critical result.
  • the determining module 160 includes a first processing unit, a first determining unit, a second processing unit, a second determining unit, and a transmitting unit.
  • the first processing unit is configured to acquire unlock data pre-stored by the unlocking hardware device when the server has access to the unlocking hardware device. If an unlocked hardware device is detected, the unlock data stored therein is extracted.
  • the first determining unit is configured to determine, according to the unlocking data, whether the encryption key has display authority, and obtain a determination result.
  • the unlocking data may specifically include the number of users and the number of management terminals, etc.
  • the number of users is used to limit the number of user logins
  • the number of management terminals is used to limit the number of clients that log in to the same user.
  • the restriction information obtained by the query may be sent to the server at the same time, and the server compares the unlock data with the restriction information, and determines the authority of the encryption key based on the unlock data. For example, if the number of user logins in the unlocked hardware device is 1, only one user can log in. The server background records how many logins are in the same account. If the same user logs in again, it will be kicked off the line, that is, there is no display permission.
  • the number of management terminals is similar. Not only that, but the unlocking hardware device can also store other data to make more restrictions.
  • the first determining unit determines whether the encryption key has display authority according to the unlocking data, and the obtaining the determining result specifically includes: detecting whether the number of logins of the encryption key is greater than the number of times defined by the unlocking data. If yes, the encryption key does not have display permission; if not, the encryption key has display permission, and the judgment result is obtained. By comparing the number of logins of the encryption key and the number of permissions defined by the unlocking data, it is determined whether the login encryption key has display permission, and the judgment result is obtained.
  • the second processing unit is configured to obtain the restriction information corresponding to the encryption key when the server does not access the unlocking hardware device. If the server does not access the unlocking hardware device, obtain the restriction information corresponding to the initial encryption key.
  • the sending unit is configured to send the judgment result to the client.
  • the unlocking data and the restriction information are respectively used to determine whether the encryption key has display permission. Since the unique hardware identification information of the client stored in the WAN is matched with the encryption key.
  • the server backend can query the information in the WAN server to know the number of users who have logged in the encryption key and the number of management terminals, and can realize the access restriction on the logged-in person.
  • the push module 170 is configured to push the judgment result through the client. Use the client to push the judgment result to inform the user whether there is restricted access. Taking web content access as an example, the push judgment result may specifically display relevant information through the customer page, such as displaying information such as “having page display permission” or “not having page display permission”; or may notify the user by voice broadcast or other means. critical result.
  • the above-mentioned encryption state detection system determines whether the encryption key has display authority through software and hardware, and pushes the judgment result to inform the user whether there is restricted access, restricts the login personnel, avoids leakage of access content, and improves encryption security.
  • the encryption state detection system further includes a key authentication module, and the key authentication module is configured to detect, by the server, whether the access device unlocks the hardware device through the server, and obtains the detection result, and then The key list is set to authenticate the encryption key and obtain the authentication result.
  • the determining module 160 determines whether the encryption key has the display authority according to the detection result, and determines whether the encryption key has the display authority according to the detection result and the authentication result by the server. After receiving the encryption key on the server, the decryption application can be started and the encryption key can be passed in, the decryption application can be used to detect whether the unlocked hardware device is inserted, and whether the encryption key is valid.
  • the key authentication module authenticates the encryption key according to the preset key list by the server, and the obtaining the authentication result specifically includes: determining whether the encryption key is stored in the key list; if yes, the encryption key is correct Key; if not, the encryption key is the wrong key and the authentication result is obtained. After the detection result is obtained, the encryption key is also authenticated to confirm the validity of the encryption key.
  • the server can store the encrypted encryption key in the key list, and after receiving the encryption key sent by the client, determine whether it is stored in the key list. If yes, the encryption key is valid. If not, then The encryption key is invalid.
  • the server determines whether the encryption key has display permission according to the detection result and the authentication result. Specifically, the encryption key is first compared with the unlock data or the restriction information. For example, if the number of logins of the encryption key is not greater than the number of permissions defined by the unlock data or the restriction information, the encryption key may be considered to have a preliminary authority. If the encryption key is detected to be valid, the encryption key is finally confirmed to have the display authority.
  • the encryption key is also authenticated to confirm the validity of the encryption key.
  • the encryption status detection system further includes a registration page display module 110, an identification information reading module 120, and an information matching storage module 130.
  • the registration page display module 110 is configured to: after the login module 140 displays the login webpage interface through the client, receive the encryption key and send it to the server, display the registration page through the client, and receive the username information. Specifically, when the user starts the client for the first time, the registration process is automatically invoked through the service process, and the user inputs the registration name as the user name information.
  • the identification information reading module 120 is configured to read the hardware identification information by using the client, and send the user name information and the hardware identification information to the server.
  • the hardware identification information of the client is also read by the service process, and the user name information and the hardware identification information are sent to the server.
  • the hardware identification information of the client may be sent to the WAN server for storage to be called again.
  • the information matching storage module 130 is configured to match the username information and the hardware identification information by using the server, and store the username information as an encryption key.
  • the server matches the username information and the hardware identification information. If the matching is successful, the user is successfully registered and can be used for logging in elsewhere, and the username is stored as an encryption key.
  • a user registration function is provided to facilitate management of the login personnel.
  • the encryption status detection system further includes a page display module, and the page display module is configured to: after the push module 170 pushes the determination result through the client, if the determination result is encrypted The key has display permission, and the client displays the access content after receiving the display instruction.
  • the user can input a display instruction through the client, and control the client to display the access content for the user to view, thereby improving the convenience of operation.

Abstract

The present invention relates to an encryption state detection method and system. The method comprises: displaying a login webpage interface via a client, and receiving an encryption key and sending same to a server; detecting whether there is an accessed hardware unlock device via the server to obtain a detection result; judging whether the encryption key has a display right via the server according to the detection result, and generating a judgement result and sending same to the client; and pushing the judgement result via the client. Whether an encryption key has a display right is judged by combining software with hardware, and a judgement result is pushed to inform a user whether restricted access exists to restrict a login person, thereby avoiding leakage of access contents and improving encryption security.

Description

加密状态检测方法和系统Encrypted state detection method and system 技术领域Technical field
本发明涉及网络信息安全技术领域,特别是涉及一种加密状态检测方法和系统。The present invention relates to the field of network information security technologies, and in particular, to an encryption state detection method and system.
背景技术Background technique
目前随着互联网技术应用的越来越广泛,人们很多的日常工作和娱乐都在网络上进行。人们通过网页浏览器浏览网页,获取有用的信息和数据,进行在线联系和交流。At present, with the increasing use of Internet technology, many daily work and entertainment are carried out on the Internet. People browse the web through a web browser to get useful information and data for online contact and communication.
传统的网页加密只限于单一的软件加密方式,加密方式也主要是保护密码之类的信息,WEB后台中的内容容易被爬虫、恶意软件、搜索引擎等攻击和抓取,导致信息不安全。Traditional web encryption is limited to a single software encryption method. The encryption method mainly protects information such as passwords. The content in the WEB background is easily attacked and crawled by crawlers, malware, search engines, etc., resulting in insecure information.
发明内容Summary of the invention
基于此,有必要针对上述问题,提供一种提高加密安全性的加密状态检测方法和系统。Based on this, it is necessary to provide an encryption state detection method and system for improving encryption security in response to the above problems.
一种加密状态检测方法,包括以下步骤:An encryption state detection method includes the following steps:
通过客户端显示登录网页界面,接收加密密钥并发送至服务端;Display the login web interface through the client, receive the encryption key and send it to the server;
通过所述服务端检测是否有接入解锁硬件设备,得到检测结果;The server detects whether there is an access unlocking hardware device, and obtains a detection result;
通过所述服务端根据所述检测结果判断所述加密密钥是否具有显示权限,并生成判断结果发送至所述客户端;Determining, by the server, whether the encryption key has display authority according to the detection result, and generating a determination result and sending the result to the client;
通过所述客户端推送所述判断结果。The judgment result is pushed by the client.
一种加密状态检测系统,包括:An encryption state detection system includes:
登录模块,用于通过客户端显示登录网页界面,接收加密密钥并发送至服务端;The login module is configured to display the login webpage interface through the client, receive the encryption key, and send the encryption key to the server;
检测模块,用于通过所述服务端检测是否有接入解锁硬件设备,得到检测结果; a detecting module, configured to detect, by the server, whether an unlocking hardware device is accessed, and obtain a detection result;
判断模块,用于通过所述服务端根据所述检测结果判断所述加密密钥是否具有显示权限,并生成判断结果发送至所述客户端;a determining module, configured to determine, by the server, whether the encryption key has display permission according to the detection result, and generate a determination result and send the result to the client;
推送模块,用于通过所述客户端推送所述判断结果。a pushing module, configured to push the determination result by the client.
上述加密状态检测方法和系统,通过客户端显示登录网页界面,接收加密密钥并发送至服务端;通过服务端检测是否有接入解锁硬件设备,得到检测结果。通过服务端根据检测结果判断加密密钥是否具有显示权限,并生成判断结果发送至客户端;通过客户端推送判断结果。通过软件结合硬件判断加密密钥是否具有显示权限,并推送判断结果以告知用户是否有限制访问,对登陆人员进行限制,避免访问内容泄露,提高了加密安全性。The above-mentioned encryption state detecting method and system, through the client displaying the login webpage interface, receiving the encryption key and transmitting it to the server; and detecting whether there is access to the unlocking hardware device through the server, the detection result is obtained. The server determines whether the encryption key has display permission according to the detection result, and generates a judgment result to be sent to the client; and the judgment result is pushed by the client. The software combines hardware to determine whether the encryption key has display permission, and pushes the judgment result to inform the user whether there is restricted access, restricts the login personnel, avoids leakage of access content, and improves encryption security.
附图说明DRAWINGS
图1为一实施例中加密状态检测方法的流程图;1 is a flowchart of an encryption state detecting method in an embodiment;
图2为另一实施例中加密状态检测方法的流程图;2 is a flowchart of a method for detecting an encryption state in another embodiment;
图3为一实施例中加密状态检测系统的结构图;3 is a structural diagram of an encryption state detecting system in an embodiment;
图4为另一实施例中加密状态检测系统的结构图。4 is a structural diagram of an encryption state detecting system in another embodiment.
具体实施方式detailed description
一种加密状态检测方法,可应用于网页内容访问,或其他应用程序的内容访问等场景。如图1所示,加密状态检测方法包括以下步骤:An encryption state detection method, which can be applied to web content access, or content access of other applications. As shown in FIG. 1, the encryption state detection method includes the following steps:
步骤S140:通过客户端显示登录网页界面,接收加密密钥并发送至服务端。Step S140: The login webpage interface is displayed by the client, and the encryption key is received and sent to the server.
客户端具体可以是台式电脑或笔记本电脑等终端设备,服务端具体可以是后台服务器等设备。通过客户端显示登录网页界面,用户可在登录网页界面的对话框中输入加密密钥,客户端接收加密密钥后发送至服务端。进一步地,当用户输入加密密钥的时候,还可通过客户端向广域网服务端查询对应的限制信息,同时自动把限制信息发送到后台的服务端中。The client may be a terminal device such as a desktop computer or a notebook computer, and the server may be a background server or the like. The client displays the login webpage interface. The user can enter the encryption key in the dialog box of the login webpage interface. The client receives the encryption key and sends it to the server. Further, when the user inputs the encryption key, the client may also query the WAN server for the corresponding restriction information, and automatically send the restriction information to the server in the background.
步骤S150:通过服务端检测是否有接入解锁硬件设备,得到检测结果。Step S150: The server detects whether there is an access unlocking hardware device, and obtains a detection result.
用户登陆到某个后台服务器的网页中,同时可使用相应的解锁硬件设备。 可以得知,检测结果包括两种:服务端接入有解锁硬件设备,或服务端未接入解锁硬件设备。如果服务端有相应的解锁硬件设备,则说明限制信息可以解开;否则不能解开,用户只能进行有限的操作。The user logs into the web page of a background server and can use the corresponding unlock hardware device. It can be known that the detection result includes two types: the server accesses the unlocked hardware device, or the server does not access the unlocked hardware device. If the server has the corresponding unlock hardware device, the restriction information can be unlocked; otherwise, the user cannot perform the limited operation.
步骤S160:通过服务端根据检测结果判断加密密钥是否具有显示权限,并生成判断结果发送至客户端。Step S160: The server determines whether the encryption key has display authority according to the detection result, and generates a determination result and sends the result to the client.
根据解锁硬件设备的检测结果,软件结合硬件判断加密密钥的权限得到判断结果。在其中一个实施例中,步骤S160中通过服务端根据检测结果判断加密密钥是否具有显示权限,具体包括步骤162至步骤168。According to the detection result of the unlocked hardware device, the software combines the hardware to determine the authority of the encryption key to obtain a judgment result. In one embodiment, in step S160, the server determines whether the encryption key has display authority according to the detection result, and specifically includes steps 162 to 168.
步骤162:若服务端有接入解锁硬件设备,则获取解锁硬件设备预存的解锁数据。如果检测到解锁硬件设备,则提取其中存储的解锁数据。Step 162: If the server has an access unlocking hardware device, obtain unlock data pre-stored by the unlocking hardware device. If an unlocked hardware device is detected, the unlock data stored therein is extracted.
步骤164:根据解锁数据判断加密密钥是否具有显示权限,得到判断结果。解锁数据具体可以包括用户数量和管理终端数量等,用户数量用于限制用户登入的数量,管理终端数量用于限制登录同一用户的客户端的数量。客户端在发送加密密钥时也可同时将查询得到的限制信息一并发送至服务端,服务端将解锁数据与限制信息进行比较,并以解锁数据为准确定加密密钥的权限。比如解锁硬件设备中的用户登陆数量为1的话,则只可以让一个用户登陆。服务端后台记录同一个帐户有多少个登陆数,如果同一用户再次登陆的话则把它踢下线,即不具备显示权限。管理终端数量也是类似,不仅如此,解锁硬件设备还可以存储其它数据来做更多的限制。Step 164: Determine whether the encryption key has display authority according to the unlocking data, and obtain a determination result. The unlocking data may specifically include the number of users and the number of management terminals, etc. The number of users is used to limit the number of user logins, and the number of management terminals is used to limit the number of clients that log in to the same user. When the client sends the encryption key, the restriction information obtained by the query may be sent to the server at the same time, and the server compares the unlock data with the restriction information, and determines the authority of the encryption key based on the unlock data. For example, if the number of user logins in the unlocked hardware device is 1, only one user can log in. The server backend records how many logins are in the same account. If the same user logs in again, it will be kicked off the line, that is, it does not have display permission. The number of management terminals is similar. Not only that, but the unlocking hardware device can also store other data to make more restrictions.
进一步地,步骤164可包括以下步骤:检测加密密钥的登录次数是否大于解锁数据限定的权限次数。若是,则加密密钥不具备显示权限;若否,则加密密钥具备显示权限,得到判断结果。通过比较加密密钥的登录次数和解锁数据限定的权限次数,确定此次登入加密密钥是否具备显示权限,得到判断结果。Further, step 164 may include the step of detecting whether the number of logins of the encryption key is greater than the number of permissions defined by the unlock data. If yes, the encryption key does not have display permission; if not, the encryption key has display permission, and the judgment result is obtained. By comparing the number of logins of the encryption key and the number of permissions defined by the unlocking data, it is determined whether the login encryption key has display permission, and the judgment result is obtained.
步骤166:若服务端未接入解锁硬件设备,则获取加密密钥对应的限制信息。如果服务器没有接入解锁硬件设备,获取加密密钥初始对应的限制信息。Step 166: If the server does not access the unlocking hardware device, obtain the restriction information corresponding to the encryption key. If the server does not access the unlocking hardware device, obtain the restriction information corresponding to the initial encryption key.
步骤168:根据限制信息判断加密密钥是否具有显示权限,得到判断结果。类似的,限制信息同样可以包括用户数量和管理终端数量等。步骤168同样 可包括以下步骤:检测加密密钥的登录次数是否大于限制信息限定的权限次数;若是,则加密密钥不具备显示权限;若否,则加密密钥具备显示权限,得到判断结果。通过比较加密密钥的登录次数和限制信息限定的权限次数,确定此次登入加密密钥是否具备显示权限,得到判断结果。Step 168: Determine whether the encryption key has display authority according to the restriction information, and obtain a determination result. Similarly, the restriction information may also include the number of users and the number of management terminals. Step 168 is the same The method may include the following steps: detecting whether the number of logins of the encryption key is greater than the number of permissions defined by the restriction information; if yes, the encryption key does not have the display permission; if not, the encryption key has the display permission, and the determination result is obtained. By comparing the number of logins of the encryption key with the number of permissions defined by the restriction information, it is determined whether the login encryption key has display permission, and the judgment result is obtained.
进一步地,步骤168之后,步骤S160还包括将判断结果发送至客户端的步骤。将得到的判断结果发送至客户端以便进行推送。Further, after step 168, step S160 further includes the step of transmitting the determination result to the client. The obtained judgment result is sent to the client for pushing.
本实施例中根据服务端是否接入解锁硬件设备的实际情况,分别利用解锁数据和限制信息来判断加密密钥是否有显示权限。由于在广域网中存储有客户端唯一的硬件标识信息与加密密钥进行匹配。用户在登陆中,服务端后台通过查询广域网服务器中的信息,可知道加密密钥已登入的用户数量和管理终端数量等信息,可实现对登陆人员的访问限制。In this embodiment, according to the actual situation that the server is connected to the unlocked hardware device, the unlocking data and the restriction information are respectively used to determine whether the encryption key has display permission. Since the unique hardware identification information of the client stored in the WAN is matched with the encryption key. When the user logs in, the server backend can query the information in the WAN server to know the number of users who have logged in the encryption key and the number of management terminals, and can realize the access restriction on the logged-in person.
步骤S170:通过客户端推送判断结果。利用客户端推送判断结果,告知用户是否有限制显示访问。以网页内容访问为例,推送判断结果具体可以是通过客户页面显示相关信息,如显示“具备页面显示权限”或“不具备页面显示权限”等信息;也可以是通过语音播报或其他方式告知用户判断结果。Step S170: Push the judgment result by the client. Use the client to push the judgment result to inform the user whether there is a restriction on the display access. Taking web content access as an example, the push judgment result may specifically display relevant information through the customer page, such as displaying information such as “having page display permission” or “not having page display permission”; or may notify the user by voice broadcast or other means. critical result.
上述加密状态检测方法,通过软件结合硬件判断加密密钥是否具有显示权限,并推送判断结果以告知用户是否有限制访问,对登陆人员进行限制,避免访问内容泄露,提高了加密安全性。The above-mentioned encryption state detecting method determines whether the encryption key has display authority through software and hardware, and pushes the judgment result to inform the user whether there is restricted access, restricts the login personnel, avoids leakage of access content, and improves encryption security.
在其中一个实施例中,步骤S150之后,加密状态检测方法还包括以下步骤:In one embodiment, after step S150, the encryption state detecting method further includes the following steps:
通过服务端根据预设的密钥列表对加密密钥进行认证,得到认证结果。步骤S160中通过服务端根据检测结果判断加密密钥是否具有显示权限具体为,通过服务端根据检测结果和认证结果判断加密密钥是否具有显示权限。在服务端接收加密密钥后,可启动解密应用程序并传入加密密钥,通过解密应用程序来检测解锁硬件设备是否插入,以及检测加密密钥是否有效。The server authenticates the encryption key according to the preset key list, and obtains the authentication result. In the step S160, the server determines whether the encryption key has the display authority according to the detection result. The server determines whether the encryption key has display authority according to the detection result and the authentication result. After receiving the encryption key on the server, the decryption application can be started and the encryption key can be passed in, the decryption application can be used to detect whether the unlocked hardware device is inserted, and whether the encryption key is valid.
进一步地,通过服务端根据预设的密钥列表对加密密钥进行认证,得到认证结果的步骤,具体包括:判断加密密钥是否存储于密钥列表中;若是,则加密密钥为正确密钥;若否,则加密密钥为错误密钥,得到认证结果。在 得到检测结果后,还对加密密钥进行认证,确认加密密钥的有效性。例如服务端可将注册成功的加密密钥存入密钥列表,接收到客户端发送的加密密钥后,判断是否存储在密钥列表中,若是,则说明加密密钥有效,若否,则说明加密密钥无效。Further, the step of authenticating the encryption key according to the preset key list by the server to obtain the authentication result includes: determining whether the encryption key is stored in the key list; if yes, the encryption key is correct Key; if not, the encryption key is the wrong key and the authentication result is obtained. In After the detection result is obtained, the encryption key is also authenticated to confirm the validity of the encryption key. For example, the server can store the encrypted encryption key in the key list, and after receiving the encryption key sent by the client, determine whether it is stored in the key list. If yes, the encryption key is valid. If not, then The encryption key is invalid.
通过服务端根据检测结果和认证结果判断加密密钥是否具有显示权限,具体可以是先将加密密钥与解锁数据或限制信息进行比较,详见步骤162至步骤168。例如若加密密钥的登录次数不大于解锁数据或限制信息限定的权限次数,可认为加密密钥具备初步权限,此时若检测到加密密钥有效,则最终确认加密密钥具备显示权限。The server determines whether the encryption key has display permission according to the detection result and the authentication result. Specifically, the encryption key is first compared with the unlock data or the restriction information. For details, refer to step 162 to step 168. For example, if the number of logins of the encryption key is not greater than the number of permissions defined by the unlock data or the restriction information, the encryption key may be considered to have a preliminary authority. If the encryption key is detected to be valid, the encryption key is finally confirmed to have the display authority.
本实施例中在得到检测结果后,还对加密密钥进行认证,确认加密密钥的有效性。结合检测结果和认证结果来确认加密密钥的权限,即是以上两种条件均满足时确认加密密钥具备权限,只要有一种条件不满足则认为加密密钥不具备权限,可进一步提高加密安全性。In this embodiment, after the detection result is obtained, the encryption key is also authenticated to confirm the validity of the encryption key. Combine the detection result and the authentication result to confirm the permission of the encryption key, that is, when both the above conditions are satisfied, the encryption key has the authority, and if there is a condition that is not satisfied, the encryption key does not have the authority, and the encryption security can be further improved. Sex.
在其中一个实施例中,如图2所示,步骤S140之前,加密状态检测方法还包括步骤S110至步骤S130。In one embodiment, as shown in FIG. 2, before step S140, the encryption state detecting method further includes steps S110 to S130.
步骤S110:通过客户端显示注册页面,接收用户名信息。具体可以在用户第一次开启客户端时,通过service进程自动调出注册界面,将用户输入的注册名作为用户名信息。Step S110: Display the registration page through the client, and receive the username information. Specifically, when the user starts the client for the first time, the registration process is automatically invoked through the service process, and the registered name input by the user is used as the user name information.
步骤S120:通过客户端读取硬件标识信息,并将用户名信息和硬件标识信息发送至服务端。同样通过service进程读取客户端的硬件标识信息,并将用户名信息和硬件标识信息发送至服务端,此外也可将客户端的硬件标识信息发送至广域网服务器存储,以便后续再次调用。Step S120: The hardware identification information is read by the client, and the username information and the hardware identification information are sent to the server. The hardware identification information of the client is also read by the service process, and the user name information and the hardware identification information are sent to the server. In addition, the hardware identification information of the client may be sent to the WAN server for storage to be called again.
步骤S130:通过服务端对用户名信息和硬件标识信息进行匹配,并将用户名信息作为加密密钥进行存储。服务端对用户名信息和硬件标识信息进行匹配,如果匹配成功,则用户注册成功并能用于其它地方登陆,把用户名作为加密密钥进行存储。Step S130: matching the username information and the hardware identifier information by the server, and storing the username information as an encryption key. The server matches the username information and the hardware identification information. If the matching is successful, the user is successfully registered and can be used for logging in elsewhere, and the username is stored as an encryption key.
步骤S110至步骤S130即是提供了用户注册功能,便于登录人员的管理。各注册用户对应设置有限制,比如最多可以同时打开多少软件,最多可以几 人同时使用等,通过在服务端接入解锁硬件设备可以解锁这些限制。Steps S110 to S130 provide a user registration function to facilitate management of the login personnel. There are restrictions on the corresponding settings of each registered user, for example, how many software can be opened at the same time, up to a few When people use the same at the same time, these restrictions can be unlocked by accessing the unlocking hardware device at the server.
在其中一个实施例中,步骤S170之后,加密状态检测方法还包括以下步骤:In one embodiment, after step S170, the encryption state detecting method further includes the following steps:
若判断结果为加密密钥具有显示权限,通过客户端在接收显示指令后显示访问内容。If the result of the judgment is that the encryption key has display authority, the client displays the access content after receiving the display instruction.
如果用户登入的加密密钥具有显示权限,在客户端推送判断结果后,用户可通过客户端输入显示指令,控制客户端显示访问内容以便用户查看,提高操作便利性。If the encryption key that the user logs in has the display permission, after the client pushes the judgment result, the user can input a display instruction through the client, and control the client to display the access content for the user to view, thereby improving the convenience of operation.
本发明还提供了一种加密状态检测系统,可应用于网页内容访问,或其他应用程序的内容访问等场景。如图3所示,加密状态检测系统包括登录模块140、检测模块150、判断模块160和推送模块170。The invention also provides an encryption state detection system, which can be applied to web content access, or content access of other applications. As shown in FIG. 3, the encryption state detection system includes a login module 140, a detection module 150, a determination module 160, and a push module 170.
登录模块140用于通过客户端显示登录网页界面,接收加密密钥并发送至服务端。The login module 140 is configured to display the login webpage interface through the client, receive the encryption key, and send the encryption key to the server.
客户端具体可以是台式电脑或笔记本电脑等终端设备,服务端具体可以是后台服务器等设备。通过客户端显示登录网页界面,用户可在登录网页界面的对话框中输入加密密钥,客户端接收加密密钥后发送至服务端。进一步地,当用户输入加密密钥的时候,还可通过客户端向广域网服务端查询对应的限制信息,同时自动把限制信息发送到后台的服务端中。The client may be a terminal device such as a desktop computer or a notebook computer, and the server may be a background server or the like. The client displays the login webpage interface. The user can enter the encryption key in the dialog box of the login webpage interface. The client receives the encryption key and sends it to the server. Further, when the user inputs the encryption key, the client may also query the WAN server for the corresponding restriction information, and automatically send the restriction information to the server in the background.
检测模块150用于通过服务端检测是否有接入解锁硬件设备,得到检测结果。The detecting module 150 is configured to detect, by the server, whether there is an access unlocking hardware device, and obtain a detection result.
用户登陆到某个后台服务器的网页中,同时可使用相应的解锁硬件设备。可以得知,检测结果包括两种:服务端接入有解锁硬件设备,或服务端未接入解锁硬件设备。如果服务端有相应的解锁硬件设备,则说明限制信息可以解开;否则不能解开,用户只能进行有限的操作。The user logs into the web page of a background server and can use the corresponding unlock hardware device. It can be known that the detection result includes two types: the server accesses the unlocked hardware device, or the server does not access the unlocked hardware device. If the server has the corresponding unlock hardware device, the restriction information can be unlocked; otherwise, the user cannot perform the limited operation.
判断模块160用于通过服务端根据检测结果判断加密密钥是否具有显示权限,并生成判断结果发送至客户端。The determining module 160 is configured to determine, by the server according to the detection result, whether the encryption key has display permission, and generate a determination result and send the result to the client.
根据解锁硬件设备的检测结果,软件结合硬件判断加密密钥的权限得到 判断结果。在其中一个实施例中,判断模块160包括第一处理单元、第一判断单元、第二处理单元、第二判断单元和发送单元。According to the detection result of the unlocked hardware device, the software determines the permission of the encryption key in combination with the hardware. critical result. In one of the embodiments, the determining module 160 includes a first processing unit, a first determining unit, a second processing unit, a second determining unit, and a transmitting unit.
第一处理单元用于在服务端有接入解锁硬件设备时,获取解锁硬件设备预存的解锁数据。如果检测到解锁硬件设备,则提取其中存储的解锁数据。The first processing unit is configured to acquire unlock data pre-stored by the unlocking hardware device when the server has access to the unlocking hardware device. If an unlocked hardware device is detected, the unlock data stored therein is extracted.
第一判断单元用于根据解锁数据判断加密密钥是否具有显示权限,得到判断结果。解锁数据具体可以包括用户数量和管理终端数量等,用户数量用于限制用户登入的数量,管理终端数量用于限制登录同一用户的客户端的数量。客户端在发送加密密钥时也可同时将查询得到的限制信息一并发送至服务端,服务端将解锁数据与限制信息进行比较,并以解锁数据为准确定加密密钥的权限。比如解锁硬件设备中的用户登陆数量为1的话,则只可以让一个用户登陆。服务端后台会记录同一个帐户有多少个登陆数,如果同一用户再次登陆的话则把它踢下线,即不具备显示权限。管理终端数量也是类似,不仅如此,解锁硬件设备还可以存储其它数据来做更多的限制。The first determining unit is configured to determine, according to the unlocking data, whether the encryption key has display authority, and obtain a determination result. The unlocking data may specifically include the number of users and the number of management terminals, etc. The number of users is used to limit the number of user logins, and the number of management terminals is used to limit the number of clients that log in to the same user. When the client sends the encryption key, the restriction information obtained by the query may be sent to the server at the same time, and the server compares the unlock data with the restriction information, and determines the authority of the encryption key based on the unlock data. For example, if the number of user logins in the unlocked hardware device is 1, only one user can log in. The server background records how many logins are in the same account. If the same user logs in again, it will be kicked off the line, that is, there is no display permission. The number of management terminals is similar. Not only that, but the unlocking hardware device can also store other data to make more restrictions.
进一步地,第一判断单元根据解锁数据判断加密密钥是否具有显示权限,得到判断结果具体包括:检测加密密钥的登录次数是否大于解锁数据限定的权限次数。若是,则加密密钥不具备显示权限;若否,则加密密钥具备显示权限,得到判断结果。通过比较加密密钥的登录次数和解锁数据限定的权限次数,确定此次登入加密密钥是否具备显示权限,得到判断结果。Further, the first determining unit determines whether the encryption key has display authority according to the unlocking data, and the obtaining the determining result specifically includes: detecting whether the number of logins of the encryption key is greater than the number of times defined by the unlocking data. If yes, the encryption key does not have display permission; if not, the encryption key has display permission, and the judgment result is obtained. By comparing the number of logins of the encryption key and the number of permissions defined by the unlocking data, it is determined whether the login encryption key has display permission, and the judgment result is obtained.
第二处理单元用于在服务端未接入解锁硬件设备时,获取加密密钥对应的限制信息。如果服务器没有接入解锁硬件设备,获取加密密钥初始对应的限制信息。The second processing unit is configured to obtain the restriction information corresponding to the encryption key when the server does not access the unlocking hardware device. If the server does not access the unlocking hardware device, obtain the restriction information corresponding to the initial encryption key.
第二判断单元用于根据限制信息判断加密密钥是否具有显示权限,得到判断结果。类似的,限制信息同样可以包括用户数量和管理终端数量等。第二判断单元根据限制信息判断加密密钥是否具有显示权限,得到判断结果具体可包括:检测加密密钥的登录次数是否大于限制信息限定的权限次数;若是,则加密密钥不具备显示权限;若否,则加密密钥具备显示权限,得到判断结果。通过比较加密密钥的登录次数和限制信息限定的权限次数,确定此次登入加密密钥是否具备显示权限,得到判断结果。 The second determining unit is configured to determine, according to the restriction information, whether the encryption key has display permission, and obtain a determination result. Similarly, the restriction information may also include the number of users and the number of management terminals. The second judging unit judges whether the encryption key has the display authority according to the restriction information, and the determining result may include: detecting whether the number of logins of the encryption key is greater than the number of times of the restriction defined by the restriction information; if yes, the encryption key does not have the display permission; If not, the encryption key has display permission and the judgment result is obtained. By comparing the number of logins of the encryption key with the number of permissions defined by the restriction information, it is determined whether the login encryption key has display permission, and the judgment result is obtained.
发送单元用于将判断结果发送至客户端。The sending unit is configured to send the judgment result to the client.
本实施例中根据服务端是否接入解锁硬件设备的实际情况,分别利用解锁数据和限制信息来判断加密密钥是否有显示权限。由于在广域网中存储有客户端唯一的硬件标识信息与加密密钥进行匹配。用户在登陆中,服务端后台通过查询广域网服务器中的信息,可知道加密密钥已登入的用户数量和管理终端数量等信息,可实现对登陆人员的访问限制。In this embodiment, according to the actual situation that the server is connected to the unlocked hardware device, the unlocking data and the restriction information are respectively used to determine whether the encryption key has display permission. Since the unique hardware identification information of the client stored in the WAN is matched with the encryption key. When the user logs in, the server backend can query the information in the WAN server to know the number of users who have logged in the encryption key and the number of management terminals, and can realize the access restriction on the logged-in person.
推送模块170用于通过客户端推送判断结果。利用客户端推送判断结果,告知用户是否有限制访问。以网页内容访问为例,推送判断结果具体可以是通过客户页面显示相关信息,如显示“具备页面显示权限”或“不具备页面显示权限”等信息;也可以是通过语音播报或其他方式告知用户判断结果。The push module 170 is configured to push the judgment result through the client. Use the client to push the judgment result to inform the user whether there is restricted access. Taking web content access as an example, the push judgment result may specifically display relevant information through the customer page, such as displaying information such as “having page display permission” or “not having page display permission”; or may notify the user by voice broadcast or other means. critical result.
上述加密状态检测系统,通过软件结合硬件判断加密密钥是否具有显示权限,并推送判断结果以告知用户是否有限制访问,对登陆人员进行限制,避免访问内容泄露,提高了加密安全性。The above-mentioned encryption state detection system determines whether the encryption key has display authority through software and hardware, and pushes the judgment result to inform the user whether there is restricted access, restricts the login personnel, avoids leakage of access content, and improves encryption security.
在其中一个实施例中,加密状态检测系统还包括密钥认证模块,密钥认证模块用于在检测模块150通过服务端检测是否有接入解锁硬件设备,得到检测结果后,通过服务端根据预设的密钥列表对加密密钥进行认证,得到认证结果。判断模块160通过服务端根据检测结果判断加密密钥是否具有显示权限具体为,通过服务端根据检测结果和认证结果判断加密密钥是否具有显示权限。在服务端接收加密密钥后,可启动解密应用程序并传入加密密钥,通过解密应用程序来检测解锁硬件设备是否插入,以及检测加密密钥是否有效。In one embodiment, the encryption state detection system further includes a key authentication module, and the key authentication module is configured to detect, by the server, whether the access device unlocks the hardware device through the server, and obtains the detection result, and then The key list is set to authenticate the encryption key and obtain the authentication result. The determining module 160 determines whether the encryption key has the display authority according to the detection result, and determines whether the encryption key has the display authority according to the detection result and the authentication result by the server. After receiving the encryption key on the server, the decryption application can be started and the encryption key can be passed in, the decryption application can be used to detect whether the unlocked hardware device is inserted, and whether the encryption key is valid.
进一步地,密钥认证模块通过服务端根据预设的密钥列表对加密密钥进行认证,得到认证结果具体包括:判断加密密钥是否存储于密钥列表中;若是,则加密密钥为正确密钥;若否,则加密密钥为错误密钥,得到认证结果。在得到检测结果后,还对加密密钥进行认证,确认加密密钥的有效性。例如服务端可将注册成功的加密密钥存入密钥列表,接收到客户端发送的加密密钥后,判断是否存储在密钥列表中,若是,则说明加密密钥有效,若否,则说明加密密钥无效。 Further, the key authentication module authenticates the encryption key according to the preset key list by the server, and the obtaining the authentication result specifically includes: determining whether the encryption key is stored in the key list; if yes, the encryption key is correct Key; if not, the encryption key is the wrong key and the authentication result is obtained. After the detection result is obtained, the encryption key is also authenticated to confirm the validity of the encryption key. For example, the server can store the encrypted encryption key in the key list, and after receiving the encryption key sent by the client, determine whether it is stored in the key list. If yes, the encryption key is valid. If not, then The encryption key is invalid.
通过服务端根据检测结果和认证结果判断加密密钥是否具有显示权限,具体可以是先将加密密钥与解锁数据或限制信息进行比较。例如若加密密钥的登录次数不大于解锁数据或限制信息限定的权限次数,可认为加密密钥具备初步权限,此时若检测到加密密钥有效,则最终确认加密密钥具备显示权限。The server determines whether the encryption key has display permission according to the detection result and the authentication result. Specifically, the encryption key is first compared with the unlock data or the restriction information. For example, if the number of logins of the encryption key is not greater than the number of permissions defined by the unlock data or the restriction information, the encryption key may be considered to have a preliminary authority. If the encryption key is detected to be valid, the encryption key is finally confirmed to have the display authority.
本实施例中在得到检测结果后,还对加密密钥进行认证,确认加密密钥的有效性。结合检测结果和认证结果来确认加密密钥的权限,即是以上两种条件均满足时确认加密密钥具备权限,只要有一种条件不满足则认为加密密钥不具备权限,可进一步提高加密安全性。In this embodiment, after the detection result is obtained, the encryption key is also authenticated to confirm the validity of the encryption key. Combine the detection result and the authentication result to confirm the permission of the encryption key, that is, when both the above conditions are satisfied, the encryption key has the authority, and if there is a condition that is not satisfied, the encryption key does not have the authority, and the encryption security can be further improved. Sex.
在其中一个实施例中,如图4所示,加密状态检测系统还包括注册页面显示模块110、标识信息读取模块120和信息匹配存储模块130。In one embodiment, as shown in FIG. 4, the encryption status detection system further includes a registration page display module 110, an identification information reading module 120, and an information matching storage module 130.
注册页面显示模块110用于在登录模块140通过客户端显示登录网页界面,接收加密密钥并发送至服务端之前,通过客户端显示注册页面,接收用户名信息。具体可以在用户第一次开启客户端时,通过service进程自动调出注册界面,将用户输入自己的注册名作为用户名信息。The registration page display module 110 is configured to: after the login module 140 displays the login webpage interface through the client, receive the encryption key and send it to the server, display the registration page through the client, and receive the username information. Specifically, when the user starts the client for the first time, the registration process is automatically invoked through the service process, and the user inputs the registration name as the user name information.
标识信息读取模块120用于通过客户端读取硬件标识信息,并将用户名信息和硬件标识信息发送至服务端。同样通过service进程读取客户端的硬件标识信息,并将用户名信息和硬件标识信息发送至服务端,此外也可将客户端的硬件标识信息发送至广域网服务器存储,以便后续再次调用。The identification information reading module 120 is configured to read the hardware identification information by using the client, and send the user name information and the hardware identification information to the server. The hardware identification information of the client is also read by the service process, and the user name information and the hardware identification information are sent to the server. In addition, the hardware identification information of the client may be sent to the WAN server for storage to be called again.
信息匹配存储模块130用于通过服务端对用户名信息和硬件标识信息进行匹配,并将用户名信息作为加密密钥进行存储。服务端对用户名信息和硬件标识信息进行匹配,如果匹配成功,则用户注册成功并能用于其它地方登陆,把用户名作为加密密钥进行存储。The information matching storage module 130 is configured to match the username information and the hardware identification information by using the server, and store the username information as an encryption key. The server matches the username information and the hardware identification information. If the matching is successful, the user is successfully registered and can be used for logging in elsewhere, and the username is stored as an encryption key.
本实施例中即是提供了用户注册功能,便于登录人员的管理。各注册用户对应设置有限制,比如最多可以同时打开多少软件,最多可以几人同时使用等,通过在服务端接入解锁硬件设备可以解锁这些限制。In this embodiment, a user registration function is provided to facilitate management of the login personnel. There are restrictions on the corresponding settings of each registered user. For example, how many software can be opened at the same time, and up to several people can use it at the same time. These restrictions can be unlocked by accessing the unlocking hardware device on the server.
在其中一个实施例中,加密状态检测系统还包括页面显示模块,页面显示模块用于在推送模块170通过客户端推送判断结果后,若判断结果为加密 密钥具有显示权限,通过客户端在接收显示指令后显示访问内容。In one embodiment, the encryption status detection system further includes a page display module, and the page display module is configured to: after the push module 170 pushes the determination result through the client, if the determination result is encrypted The key has display permission, and the client displays the access content after receiving the display instruction.
如果用户登入的加密密钥具有显示权限,在客户端推送判断结果后,用户可通过客户端输入显示指令,控制客户端显示访问内容以便用户查看,提高操作便利性。If the encryption key that the user logs in has the display permission, after the client pushes the judgment result, the user can input a display instruction through the client, and control the client to display the access content for the user to view, thereby improving the convenience of operation.
以上所述实施例的各技术特征可以进行任意的组合,为使描述简洁,未对上述实施例中的各个技术特征所有可能的组合都进行描述,然而,只要这些技术特征的组合不存在矛盾,都应当认为是本说明书记载的范围。The technical features of the above-described embodiments may be arbitrarily combined. For the sake of brevity of description, all possible combinations of the technical features in the above embodiments are not described. However, as long as there is no contradiction between the combinations of these technical features, All should be considered as the scope of this manual.
以上所述实施例仅表达了本发明的几种实施方式,其描述较为具体和详细,但并不能因此而理解为对发明专利范围的限制。应当指出的是,对于本领域的普通技术人员来说,在不脱离本发明构思的前提下,还可以做出若干变形和改进,这些都属于本发明的保护范围。因此,本发明专利的保护范围应以所附权利要求为准。 The above-described embodiments are merely illustrative of several embodiments of the present invention, and the description thereof is more specific and detailed, but is not to be construed as limiting the scope of the invention. It should be noted that a number of variations and modifications may be made by those skilled in the art without departing from the spirit and scope of the invention. Therefore, the scope of the invention should be determined by the appended claims.

Claims (10)

  1. 一种加密状态检测方法,其特征在于,包括以下步骤:An encryption state detecting method, comprising the steps of:
    通过客户端显示登录网页界面,接收加密密钥并发送至服务端;Display the login web interface through the client, receive the encryption key and send it to the server;
    通过所述服务端检测是否有接入解锁硬件设备,得到检测结果;The server detects whether there is an access unlocking hardware device, and obtains a detection result;
    通过所述服务端根据所述检测结果判断所述加密密钥是否具有显示权限,并生成判断结果发送至所述客户端;Determining, by the server, whether the encryption key has display authority according to the detection result, and generating a determination result and sending the result to the client;
    通过所述客户端推送所述判断结果。The judgment result is pushed by the client.
  2. 根据权利要求1所述的加密状态检测方法,其特征在于,通过所述服务端根据所述检测结果判断所述加密密钥是否具有显示权限,包括以下步骤:The encryption state detecting method according to claim 1, wherein the server determines whether the encryption key has display authority according to the detection result, and includes the following steps:
    若所述服务端有接入解锁硬件设备,则获取所述解锁硬件设备预存的解锁数据;Obtaining unlock data pre-stored by the unlocking hardware device, if the server has an access unlocking hardware device;
    根据所述解锁数据判断所述加密密钥是否具有显示权限,得到所述判断结果;Determining, according to the unlocking data, whether the encryption key has display authority, and obtaining the determination result;
    若所述服务端未接入解锁硬件设备,则获取所述加密密钥对应的限制信息;Obtaining the restriction information corresponding to the encryption key if the server is not connected to the unlocking hardware device;
    根据所述限制信息判断所述加密密钥是否具有显示权限,得到所述判断结果。Determining whether the encryption key has display authority according to the restriction information, and obtaining the determination result.
  3. 根据权利要求2所述的加密状态检测方法,其特征在于,根据所述解锁数据判断所述加密密钥是否具有显示权限,得到所述判断结果的步骤,包括以下步骤:The encryption state detecting method according to claim 2, wherein the step of determining whether the encryption key has display authority based on the unlocking data, and obtaining the determination result comprises the following steps:
    检测所述加密密钥的登录次数是否大于所述解锁数据限定的权限次数;Detecting whether the number of logins of the encryption key is greater than the number of permissions defined by the unlocking data;
    若是,则所述加密密钥不具备显示权限;If yes, the encryption key does not have display permission;
    若否,则所述加密密钥具备显示权限,得到所述判断结果。If not, the encryption key has display authority, and the determination result is obtained.
  4. 根据权利要求1所述的加密状态检测方法,其特征在于,通过所述服务端检测是否有接入解锁硬件设备,得到检测结果之后,还包括以下步骤:The method for detecting an encryption state according to claim 1, wherein after the server detects whether there is an access unlocking hardware device and obtains the detection result, the method further includes the following steps:
    通过所述服务端根据预设的密钥列表对所述加密密钥进行认证,得到认证结果;The server encrypts the encryption key according to a preset key list, and obtains an authentication result;
    所述通过所述服务端根据所述检测结果判断所述加密密钥是否具有显示 权限为,通过所述服务端根据所述检测结果和认证结果判断所述加密密钥是否具有显示权限。Determining, by the server, whether the encryption key has a display according to the detection result The authority is that the server determines whether the encryption key has display authority according to the detection result and the authentication result.
  5. 根据权利要求4所述的加密状态检测方法,其特征在于,所述服务端根据预设的密钥列表判断对所述加密密钥进行认证,得到认证结果的步骤,包括以下步骤:The method for detecting an encryption state according to claim 4, wherein the step of the server determining the authentication of the encryption key according to the preset key list to obtain the authentication result comprises the following steps:
    判断所述加密密钥是否存储于所述密钥列表中;Determining whether the encryption key is stored in the key list;
    若是,则所述加密密钥为正确密钥;If yes, the encryption key is a correct key;
    若否,则所述加密密钥为错误密钥,得到所述认证结果。If not, the encryption key is an error key, and the authentication result is obtained.
  6. 根据权利要求1所述的加密状态检测方法,其特征在于,通过客户端显示登录网页界面,接收加密密钥并发送至服务端的步骤之前,还包括以下步骤:The encryption state detecting method according to claim 1, wherein before the step of displaying the login webpage interface by the client, receiving the encryption key, and transmitting to the server, the method further comprises the following steps:
    通过所述客户端显示注册页面,接收用户名信息;Receiving the user name information by displaying the registration page by the client;
    通过所述客户端读取硬件标识信息,并将所述用户名信息和硬件标识信息发送至所述服务端;Reading, by the client, hardware identification information, and sending the username information and hardware identification information to the server;
    通过所述服务端对所述用户名信息和硬件标识信息进行匹配,并将所述用户名信息作为加密密钥进行存储。The user name information and the hardware identification information are matched by the server, and the user name information is stored as an encryption key.
  7. 根据权利要求1所述的加密状态检测方法,其特征在于,所述通过所述客户端推送所述判断结果的步骤之后,还包括以下步骤:The encryption state detecting method according to claim 1, wherein after the step of pushing the determination result by the client, the method further comprises the following steps:
    若所述判断结果为加密密钥具有显示权限,通过所述客户端在接收显示指令后显示访问内容。If the result of the determination is that the encryption key has display authority, the client displays the access content after receiving the display instruction.
  8. 一种加密状态检测系统,其特征在于,包括:An encryption state detection system, comprising:
    登录模块,用于通过客户端显示登录网页界面,接收加密密钥并发送至服务端;The login module is configured to display the login webpage interface through the client, receive the encryption key, and send the encryption key to the server;
    检测模块,用于通过所述服务端检测是否有接入解锁硬件设备,得到检测结果;a detecting module, configured to detect, by the server, whether an unlocking hardware device is accessed, and obtain a detection result;
    判断模块,用于通过所述服务端根据所述检测结果判断所述加密密钥是否具有显示权限,并生成判断结果发送至所述客户端;a determining module, configured to determine, by the server, whether the encryption key has display permission according to the detection result, and generate a determination result and send the result to the client;
    推送模块,用于通过所述客户端推送所述判断结果。 a pushing module, configured to push the determination result by the client.
  9. 根据权利要求8所述的加密状态检测系统,其特征在于,还包括:The encryption state detection system according to claim 8, further comprising:
    注册页面显示模块,用于在登录模块通过客户端显示登录网页界面,接收加密密钥并发送至服务端之前,通过所述客户端显示注册页面,接收用户名信息;The registration page display module is configured to: after the login module displays the login webpage interface through the client, receive the encryption key and send it to the server, display the registration page through the client, and receive the username information;
    标识信息读取模块,用于通过所述客户端读取硬件标识信息,并将所述用户名信息和硬件标识信息发送至所述服务端;An identifier information reading module, configured to read hardware identification information by using the client, and send the user name information and hardware identification information to the server;
    信息匹配存储模块,用于通过所述服务端对所述用户名信息和硬件标识信息进行匹配,并将所述用户名信息作为加密密钥进行存储。The information matching storage module is configured to match the username information and the hardware identifier information by using the server, and store the username information as an encryption key.
  10. 根据权利要求8所述的加密状态检测系统,其特征在于,还包括页面显示模块,所述页面显示模块用于在推送模块通过所述客户端推送所述判断结果后,若所述判断结果为加密密钥具有显示权限,通过所述客户端在接收显示指令后显示访问内容。 The encryption state detection system according to claim 8, further comprising a page display module, wherein the page display module is configured to: after the pushing module pushes the determination result by the client, if the determination result is The encryption key has display rights through which the client displays the access content after receiving the display instruction.
PCT/CN2016/090715 2015-08-26 2016-07-20 Encryption state detection method and system WO2017032192A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510531804.9A CN105071993B (en) 2015-08-26 2015-08-26 Encrypted state detection method and system
CN201510531804.9 2015-08-26

Publications (1)

Publication Number Publication Date
WO2017032192A1 true WO2017032192A1 (en) 2017-03-02

Family

ID=54501280

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/090715 WO2017032192A1 (en) 2015-08-26 2016-07-20 Encryption state detection method and system

Country Status (2)

Country Link
CN (1) CN105071993B (en)
WO (1) WO2017032192A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111669348A (en) * 2019-03-05 2020-09-15 福建天晴数码有限公司 Account number retrieving method and computer readable storage medium

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105071993B (en) * 2015-08-26 2019-03-26 广州视睿电子科技有限公司 Encrypted state detection method and system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2445242A1 (en) * 2009-08-11 2012-04-25 Huawei Device Co., Ltd. Method, system, server, and terminal for authentication in wireless local area network
CN103825738A (en) * 2013-12-31 2014-05-28 北京华虹集成电路设计有限责任公司 Registration information authentication method and device
CN104378334A (en) * 2013-08-15 2015-02-25 北京大学 Information processing method and system based on mobile device
CN105071993A (en) * 2015-08-26 2015-11-18 广州视睿电子科技有限公司 Encryption state detection method and system

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120124656A1 (en) * 2010-11-16 2012-05-17 Evolucard S/A Method and system for mobile device based authentication
JP5716390B2 (en) * 2010-12-27 2015-05-13 セイコーエプソン株式会社 Network communication method, network communication system, network communication device, and program thereof

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2445242A1 (en) * 2009-08-11 2012-04-25 Huawei Device Co., Ltd. Method, system, server, and terminal for authentication in wireless local area network
CN104378334A (en) * 2013-08-15 2015-02-25 北京大学 Information processing method and system based on mobile device
CN103825738A (en) * 2013-12-31 2014-05-28 北京华虹集成电路设计有限责任公司 Registration information authentication method and device
CN105071993A (en) * 2015-08-26 2015-11-18 广州视睿电子科技有限公司 Encryption state detection method and system

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111669348A (en) * 2019-03-05 2020-09-15 福建天晴数码有限公司 Account number retrieving method and computer readable storage medium
CN111669348B (en) * 2019-03-05 2022-04-01 福建天晴数码有限公司 Account number retrieving method and computer readable storage medium

Also Published As

Publication number Publication date
CN105071993B (en) 2019-03-26
CN105071993A (en) 2015-11-18

Similar Documents

Publication Publication Date Title
US11615386B1 (en) Block chain authentication systems and methods
EP2954451B1 (en) Barcode authentication for resource requests
US10826882B2 (en) Network-based key distribution system, method, and apparatus
US10742634B1 (en) Methods for single sign-on (SSO) using optical codes
KR102390108B1 (en) Information processing system and control method therefor
US10637650B2 (en) Active authentication session transfer
US8984597B2 (en) Protecting user credentials using an intermediary component
US8348157B2 (en) Dynamic remote peripheral binding
US9641521B2 (en) Systems and methods for network connected authentication
KR100920871B1 (en) Methods and systems for authentication of a user for sub-locations of a network location
US8015606B1 (en) Storage device with website trust indication
US20170086069A1 (en) System and Method of Authentication by Leveraging Mobile Devices for Expediting User Login and Registration Processes Online
US20080148046A1 (en) Real-Time Checking of Online Digital Certificates
US20090031125A1 (en) Method and Apparatus for Using a Third Party Authentication Server
CN105243314B (en) A kind of security system and its application method based on USB key
US9954853B2 (en) Network security
US20150328119A1 (en) Method of treating hair
WO2017032192A1 (en) Encryption state detection method and system
US11777927B1 (en) Monitoring system for providing a secure communication channel between a client computer and a hosting computer server
US11954195B2 (en) Multi-level authentication for shared device
JP2010262550A (en) Encryption system, encryption program, encryption method and cryptograph device
JP7174730B2 (en) Terminal device, information processing method and information processing program
RU2805668C1 (en) Providing and receiving one or more set of data over a digital communication network
KR102310912B1 (en) Biometric Identification System and its operating method
JP2023506500A (en) Provision and acquisition of one or more datasets via a digital communications network

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16838452

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16838452

Country of ref document: EP

Kind code of ref document: A1